CVE-2013-3612

Опубликовано: 17 сент. 2013

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors.

Ссылки

http://www.kb.cert.org/vuls/id/800094
US Government Resource
http://www.kb.cert.org/vuls/id/800094
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0804hd-s:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0804hf-a-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0804hf-al-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0804hf-l-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0804hf-s-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr0804hf-u-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr1604hd-l:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr1604hd-s:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr1604hf-a-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr1604hf-al-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr1604hf-l-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr1604hf-s-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr1604hf-u-e:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2104c:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2104h:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2104hc:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2104he:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2108c:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2108h:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2108hc:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2108he:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2116c:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2116h:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2116hc:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2116he:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2404hf-s:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2404lf-al:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr2404lf-s:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr3204hf-s:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr3204lf-al:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr3204lf-s:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr3224l:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr3232l:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5104c:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5104h:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5104he:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5108c:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5108h:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5108he:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5116c:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5116h:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5116he:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5204a:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5204l:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5208a:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5208l:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5216a:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5216l:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5404:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5408:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5416:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5804:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5808:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr5816:-:*:*:*:*:*:*:*

cpe:2.3:h:dahuasecurity:dvr6404lf-s:-:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.09226

Низкий

10 Critical

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-3c7g-8x9w-wjqp

github

больше 3 лет назад